Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft
File:                     aBFGMD9XUewN_C71R6qyR69OaB8.mft (raw, json)
Hash identifier:          pMO480xOk7sAmmWBECLI90kKzM8a8wvn3l9svK4SdOY=
Subject key identifier:   66:11:BE:CA:C3:F5:6D:D6:97:D3:84:A6:0F:55:26:0C:A6:78:25:DE
Authority key identifier: 68:11:46:30:3F:57:51:EC:0D:FC:2E:F5:47:AA:B2:47:AF:4E:68:1F
Certificate issuer:       /CN=681146303f5751ec0dfc2ef547aab247af4e681f
Certificate serial:       0198D660689C88F96AB64F312937AD376798
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aBFGMD9XUewN_C71R6qyR69OaB8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft
Manifest number:          0D2A
Signing time:             Sat 23 Aug 2025 10:01:38 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:38 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:38 +0000
Files and hashes:         1: aBFGMD9XUewN_C71R6qyR69OaB8.crl (hash: NkFKvaKjVwEXbGSz9ke/Q5fEqZ5B7oEowqYKlruchU0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aBFGMD9XUewN_C71R6qyR69OaB8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:68:9c:88:f9:6a:b6:4f:31:29:37:ad:37:67:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=681146303f5751ec0dfc2ef547aab247af4e681f
        Validity
            Not Before: Aug 23 10:01:38 2025 GMT
            Not After : Aug 24 10:01:38 2025 GMT
        Subject: CN=6611becac3f56dd697d384a60f55260ca67825de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:d5:c6:38:a4:df:8c:1a:96:e7:69:4b:2b:c3:
                    66:00:0c:c1:34:2a:b1:36:90:26:88:b5:5d:d7:38:
                    f2:43:f9:26:e3:fe:66:39:a3:0d:f9:99:2c:1e:92:
                    a6:71:5c:2d:e9:42:5e:d7:0f:85:eb:31:f4:70:57:
                    c7:da:be:f5:e5:ff:52:26:cc:8a:fa:f1:9b:ed:74:
                    8a:15:ae:3e:ab:52:6a:6c:6f:b3:c4:a3:42:6e:f6:
                    0c:e6:8d:44:05:ff:1f:6d:30:5b:74:49:f0:15:df:
                    7c:72:a2:26:fb:42:7f:bf:81:a3:34:e7:ca:14:b1:
                    ad:71:84:b4:2f:36:80:b3:aa:f6:e5:ff:51:7f:95:
                    d5:7e:93:86:37:9c:0c:9b:0f:06:ec:73:97:ae:28:
                    a6:92:68:d6:9f:a9:c9:9a:8b:7b:4c:7b:96:3d:a1:
                    52:3b:e7:a2:3a:1e:79:22:90:14:04:36:f9:5e:46:
                    00:0d:0b:97:21:9f:4c:38:e9:1d:4b:34:a6:1d:b7:
                    a2:9b:b7:cc:68:13:f3:4b:fc:88:84:b4:da:98:54:
                    9c:75:e2:6b:ed:6f:a4:11:99:16:ab:05:58:1b:9a:
                    21:32:43:64:8b:ad:be:f4:cf:11:86:54:85:b7:10:
                    db:5d:02:23:f8:1d:86:2e:11:31:ea:ed:d5:c1:83:
                    cc:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:11:BE:CA:C3:F5:6D:D6:97:D3:84:A6:0F:55:26:0C:A6:78:25:DE
            X509v3 Authority Key Identifier:
                keyid:68:11:46:30:3F:57:51:EC:0D:FC:2E:F5:47:AA:B2:47:AF:4E:68:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aBFGMD9XUewN_C71R6qyR69OaB8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:79:e1:a8:38:79:ea:da:02:e7:9b:aa:41:7c:e5:cc:7f:e0:
         59:3d:cb:d4:9a:c8:a7:99:57:35:b2:8b:03:b0:f0:f1:e3:20:
         91:77:9b:14:78:6c:3f:f1:39:ba:db:7e:3e:ea:73:d5:85:96:
         8c:e8:91:c3:f9:9b:27:41:c5:c7:b3:54:e7:2b:ba:8b:57:49:
         06:4e:eb:35:78:9d:d1:3e:fd:95:7d:2f:2d:ab:41:37:cf:af:
         34:b0:61:6a:d0:1b:5c:87:8c:f2:57:24:4c:70:e0:f3:1a:59:
         04:1d:35:6b:08:f9:27:9e:25:34:ac:e9:4c:9f:62:e5:b5:c3:
         23:91:81:2a:59:da:df:d3:c1:5e:9d:15:44:3a:fd:cc:82:7c:
         4c:e7:66:ae:14:df:66:c6:43:56:62:55:02:41:7c:11:19:d8:
         08:bd:bf:90:e2:e8:d5:60:c7:a0:08:79:60:7e:c0:29:b2:e8:
         06:5f:6d:ef:9d:7f:8c:ef:56:a2:cc:e4:d5:5a:4a:9a:73:bd:
         db:0b:1f:f9:e3:37:b3:dd:cd:8c:ac:a5:67:41:1b:d5:56:46:
         ac:f1:80:db:4d:59:3e:e9:f0:53:d8:59:5f:b2:8e:0b:de:25:
         92:c9:ff:9a:c9:62:e8:fb:56:4a:16:8e:d7:5d:ac:47:1e:97:
         fa:3a:e9:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYGiciPlqtk8xKTetN2eYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MTE0NjMwM2Y1NzUxZWMwZGZjMmVmNTQ3YWFiMjQ3YWY0
ZTY4MWYwHhcNMjUwODIzMTAwMTM4WhcNMjUwODI0MTAwMTM4WjAzMTEwLwYDVQQD
Eyg2NjExYmVjYWMzZjU2ZGQ2OTdkMzg0YTYwZjU1MjYwY2E2NzgyNWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdXGOKTfjBqW52lLK8NmAAzBNCqx
NpAmiLVd1zjyQ/km4/5mOaMN+ZksHpKmcVwt6UJe1w+F6zH0cFfH2r715f9SJsyK
+vGb7XSKFa4+q1JqbG+zxKNCbvYM5o1EBf8fbTBbdEnwFd98cqIm+0J/v4GjNOfK
FLGtcYS0LzaAs6r25f9Rf5XVfpOGN5wMmw8G7HOXriimkmjWn6nJmot7THuWPaFS
O+eiOh55IpAUBDb5XkYADQuXIZ9MOOkdSzSmHbeim7fMaBPzS/yIhLTamFScdeJr
7W+kEZkWqwVYG5ohMkNki62+9M8RhlSFtxDbXQIj+B2GLhEx6u3VwYPMRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGYRvsrD9W3Wl9OEpg9VJgymeCXeMB8GA1UdIwQY
MBaAFGgRRjA/V1HsDfwu9UeqskevTmgfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUJGR01EOVhVZXdOX0M3MVI2cXlSNjlPYUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9kOTM4ZGMtMDBjNC00NjgwLTk5NDQt
NGEzNzMzZjQ3MjJiLzEvYUJGR01EOVhVZXdOX0M3MVI2cXlSNjlPYUI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9kOTM4ZGMtMDBjNC00NjgwLTk5NDQtNGEzNzMzZjQ3MjJi
LzEvYUJGR01EOVhVZXdOX0M3MVI2cXlSNjlPYUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFHnhqDh5
6toC55uqQXzlzH/gWT3L1JrIp5lXNbKLA7Dw8eMgkXebFHhsP/E5utt+Pupz1YWW
jOiRw/mbJ0HFx7NU5yu6i1dJBk7rNXid0T79lX0vLatBN8+vNLBhatAbXIeM8lck
THDg8xpZBB01awj5J54lNKzpTJ9i5bXDI5GBKlna39PBXp0VRDr9zIJ8TOdmrhTf
ZsZDVmJVAkF8ERnYCL2/kOLo1WDHoAh5YH7AKbLoBl9t751/jO9Woszk1VpKmnO9
2wsf+eM3s93NjKylZ0Eb1VZGrPGA201ZPunwU9hZX7KOC94lksn/msli6PtWShaO
112sRx6X+jrphw==
-----END CERTIFICATE-----